FBI Disrupts GRU Operation; Iranian Threat Actors Target U.S. Infrastructure; New ClickFix Attack Technique Observed

The FBI disrupted a GRU (Russian military intelligence) operation that hijacked Ubiquiti EdgeRouters to conduct cyber espionage and other malicious activities. Separately, Iranian state-sponsored threat actors exploited programmable logic controllers (PLCs) in U.S. critical infrastructure, including water and energy sectors. A new attack technique called ClickFix was observed bypassing Apple’s Terminal security mitigations by tricking users into executing malicious scripts via fake update prompts. No specific dates, CVE IDs, or technical details about the exploited PLC vulnerabilities were provided. The incidents highlight ongoing threats from nation-state actors targeting infrastructure and endpoint devices.